@Tomas J You want to do business in EU, you have to comply with our laws.
Right, but they may not be doing business in the EU. When I was with Xojo, we did have agents in the EU, so in that case the laws would apply. To the best of my knowledge, that isn’t the case anymore. That’s important.
If you visit a US website hosted on US servers and purchase from a US company, you are doing business in the US. Unless you believe US websites should subscribe to GeoIP data and block access from all users outside the US.
Also, laws are only as effective as their enforcement. GDPR laws applying to US companies is currently dubious at best. Again, we’re talking about companies with no presence at all in the EU, not giants like Apple and Facebook that have offices all over. The EU can shake their fist and claim their laws apply to US companies all they want. The issue hasn’t been tested in court. I am not a lawyer, but I imagine it would have to be decided by the U.N. because neither country’s courts could be considered impartial. The only companies worth going through the effort for, already have some sort of presence in the EU, so they comply since they are required to. It’ll be an interesting day when an EU regulatory agency tries to impose a decision on a US-exclusive company.
I’m all for privacy. GDPR has the right idea. But claiming jurisdiction over all companies in the world is laughable.